• Have something to say? Register Now! and be posting in minutes!

OT: Target got got (de facto Bad Cyber Stuff thread)

sabresfaninthesouth

Lifelong Cynic
8,569
2,214
173
Joined
Sep 21, 2010
Location
Charlotte, NC
Hoopla Cash
$ 800.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
Several that have come out so far are Business Leaders, Senators and Mayors. The problem is, of course, the source of the information is not known so the validity is questionable. But let's not let that get in the way of a good witch hunt. I do find it kind of hard to believe that a backwoods collection of rednecks would have a web presence and giant database of user info. But you never know.
I would find it substantially less hard to believe that a backwoods collection of rednecks would have web presence and a giant unsecured database of user info.

Gotta get to Breitbart somehow...
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
Where's that flashing red light gif when I need it?

NHS cyber-attack: hospital computer systems held to ransom across England

So, you're probably seeing this splash about and no doubt people will call it all sorts of things from Cyber - Terrorism to the work of Lucifer himself. And I don't want to downplay it, it's bad. Cutting off anyone's access to health care is bad. Even if that Congressman said no one dies from it. Literally that is the ONLY reason someone dies. Because they didn't get enough care for their health.

Anyway...

So what likely happened here is some bad email got into an overworked person inside the network. Likely one of those "I have shared a google doc with you" things. They clicked it which landed malware on their system. Then, as most hospitals are, the internal network security is likely not as high as the perimeter security, so it spreads inside easily. Hospitals and universities need collaboration more than they need anything else.

This all likely came about because some fucknut learned how to code and decided to write something that would get him a few bitcoins that he could use to buy those fake nude photos of Emma Watson circulating on the dark web.

And now Scotland Yard and Interpol are after him. Dude is PHUCKED


We had a similar "attack" where I work and we (knock on wood) got it contained pretty fast. And it wasn't targeted. Kid just blasted it out to an email list he bought for 6 bucks, which included a few people in our organization. That's all it took.

He will be 35 when he gets out of jail. He got 15 years. Whoever did this one will get 30 I'm sure. Idjit
 

Comeds

Unreliable Narrator.
22,560
11,041
1,033
Joined
Apr 21, 2010
Location
Baltimore
Hoopla Cash
$ 754.60
Fav. Team #1
Fav. Team #2
Fav. Team #3
This all likely came about because some fucknut learned how to code and decided to write something that would get him a few bitcoins that he could use to buy those fake nude photos of Emma Watson circulating on the dark web.

And now Scotland Yard and Interpol are after him. Dude is PHUCKED


We had a similar "attack" where I work and we (knock on wood) got it contained pretty fast. And it wasn't targeted. Kid just blasted it out to an email list he bought for 6 bucks, which included a few people in our organization. That's all it took.

He will be 35 when he gets out of jail. He got 15 years. Whoever did this one will get 30 I'm sure. Idjit

Link?
 

esls79

I am?
9,739
3,649
293
Joined
Apr 19, 2010
Location
Near Earth
Hoopla Cash
$ 200.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
I'll provide you with detailed instructions on how to access those pics for 3 bitcoin.
 

Comeds

Unreliable Narrator.
22,560
11,041
1,033
Joined
Apr 21, 2010
Location
Baltimore
Hoopla Cash
$ 754.60
Fav. Team #1
Fav. Team #2
Fav. Team #3
I'll provide you with detailed instructions on how to access those pics for 3 bitcoin.
Hold on, let me code something to get me some bitcoin.
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
Wakerlink.jpg
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
So, it seems that the genius who wrote the malware put in a "trigger" to tell it when to start it encrypting. They wrote logic that the malware would reach out to a long, nonsensical URL on the Internet and if it got no response from the site the malware started a timer and would encrypt files when the timer reached zero. The plan being that it would never get a response because the URL was nonsense.

But what they forgot to do was register the domain. So a malware researcher in Belarus registered it and stood up a basic site. So it will always respond, essentially ensuring that the malware will NEVER be told to encrypt ever again.

I loves me a dumb bad guy.


They also hard-coded their BitCoin wallets into the code as well, and to date the total people have paid up is, as near as makes no difference, only 25 grand US.

Every government on earth is going to try and find them and they didn't even make enough for a nice getaway car.
 

DragonfromTO

Well-Known Member
12,006
2,447
173
Joined
Jul 3, 2013
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
So, it seems that the genius who wrote the malware put in a "trigger" to tell it when to start it encrypting. They wrote logic that the malware would reach out to a long, nonsensical URL on the Internet and if it got no response from the site the malware started a timer and would encrypt files when the timer reached zero. The plan being that it would never get a response because the URL was nonsense.

But what they forgot to do was register the domain. So a malware researcher in Belarus registered it and stood up a basic site. So it will always respond, essentially ensuring that the malware will NEVER be told to encrypt ever again.

I loves me a dumb bad guy.


They also hard-coded their BitCoin wallets into the code as well, and to date the total people have paid up is, as near as makes no difference, only 25 grand US.

Every government on earth is going to try and find them and they didn't even make enough for a nice getaway car.

I wish all the best of luck to the man who I suspect is going to quickly become the Belarusian Richard Jewell. But we'll see what happens, maybe I'll be wrong. I hope I am.
 

puckhead

Custom User Title
46,769
15,949
1,033
Joined
Apr 20, 2010
Location
Vancouver
Hoopla Cash
$ 33,861.66
Fav. Team #1
They also hard-coded their BitCoin wallets into the code as well, and to date the total people have paid up is, as near as makes no difference, only 25 grand US..
don't bitcoin accounts need to at some level had a listed beneficial owner?
or is that the point of bit coin is that you can supposedly do "anonymous" illegal stuff.
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
don't bitcoin accounts need to at some level had a listed beneficial owner?
or is that the point of bit coin is that you can supposedly do "anonymous" illegal stuff.

The main benefit is that it's untraceable money. You're basically buying encryption keys and later on trading those encryption keys for actual money. Wallets can be tracked as far as what goes in them (if you know the wallet address) but knowing who owns the wallets or who owns the encryption keys inside is really, really damn hard. Because if you provide keys or wallets and it's found out that you log any information about them, no one will ever use your stuff again.

It's loosely like the stock market, except that anyone with enough computing resources can create stocks at any time and no one knows who buys them.
 

puckhead

Custom User Title
46,769
15,949
1,033
Joined
Apr 20, 2010
Location
Vancouver
Hoopla Cash
$ 33,861.66
Fav. Team #1
The main benefit is that it's untraceable money. You're basically buying encryption keys and later on trading those encryption keys for actual money. Wallets can be tracked as far as what goes in them (if you know the wallet address) but knowing who owns the wallets or who owns the encryption keys inside is really, really damn hard. Because if you provide keys or wallets and it's found out that you log any information about them, no one will ever use your stuff again.

It's loosely like the stock market, except that anyone with enough computing resources can create stocks at any time and no one knows who buys them.
That seems like a really awful idea.
Here, terrorists and money launderers, here's a platform for you.
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
That seems like a really awful idea.
Here, terrorists and money launderers, here's a platform for you.

Pretty much. I mean it wasn't the reason it was created, but organized crime has embraced it.

It's actually a decent idea for people who don't want for profit banking to control their wealth. Online gold trading essentially.



But yeah, there's all kinds of nasty shit that it's being used for.
 

DragonfromTO

Well-Known Member
12,006
2,447
173
Joined
Jul 3, 2013
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
Pretty much. I mean it wasn't the reason it was created, but organized crime has embraced it.

It's actually a decent idea for people who don't want for profit banking to control their wealth. Online gold trading essentially.



But yeah, there's all kinds of nasty shit that it's being used for.

Sure, but one might also be inclined to say this same thing times a million about fiat money, though.
 

dash

Money can't buy happiness, but it can buy bacon
126,423
35,680
1,033
Joined
Apr 19, 2010
Location
City on the Edge of Forever
Hoopla Cash
$ 71.82
Fav. Team #1
Fav. Team #2
Fav. Team #3
Ukrainians?!?

Many companies affected globally by the cyberattack had links to Ukraine, although there is no indication this was the case for BNP, which owns a bank in the country, UkrSibbank.

The ransomware virus includes a code known as Eternal Blue, which cybersecurity experts widely believe was stolen from the U.S. National Security Agency. The virus can spread rapidly if one computer in the network is infected.


Ransomware attack hits property arm of France bank BNP Paribas
 

forty_three

It’s Raining Falafel
44,907
19,380
1,033
Joined
Apr 19, 2010
Hoopla Cash
$ 1,000.00
Fav. Team #1
Fav. Team #2
Fav. Team #3
Ukrainians?!?

Many companies affected globally by the cyberattack had links to Ukraine, although there is no indication this was the case for BNP, which owns a bank in the country, UkrSibbank.

The ransomware virus includes a code known as Eternal Blue, which cybersecurity experts widely believe was stolen from the U.S. National Security Agency. The virus can spread rapidly if one computer in the network is infected.


Ransomware attack hits property arm of France bank BNP Paribas

God damned Ukrainians.
 
Top